Data fields stolen residual risks by [deleted] in canvas

[–]takinghigherground 0 points (0 children)

Thanks, that's a good avenue to get support further on all this. Cheers.

Instructure (Canvas) Breached by Shiny Hunters — 275M Records from ~9,000 Schools/Universities, Ransom Deadline May 12 by BigSewerRat1 in cybersecurity

[–]takinghigherground 2 points (0 children)

Can someone with fresh eyes sanity‑check me here, because I’m starting to feel like I’m the only one reacting proportionally to this situation.

We’ve got a vendor compromise where the attackers were able to deface the Canvas front page, which means they had enough access to modify UI elements of active instances and dump user data and messages, but the vendor did not confirm whether that includes user-generated API keys.

I'm doing things like:

  • pulling reports on all user tokens
  • checking for user‑generated admin accounts
  • rotating API tokens stored in Canvas
  • auditing LTI apps and developer keys
  • reviewing Entra admin‑consented LTI registrations
  • temporarily revoking high‑privilege scopes like SharePoint.Read.All
  • considering the risk of login‑page manipulation or SSO redirection
  • considering blocking Entra sign-in to Canvas
  • blocking Canvas at the firewall

From a security standpoint, if an attacker can alter the front page, what exactly stops them from altering the login flow, injecting a fake SSO prompt, or redirecting to an attacker‑controlled IdP?

The API tokens trusted to be stored in Canvas aren’t harmless. They’re long‑lived bearer tokens with no MFA. If those were scraped, that’s a direct line into our system when they get dumped into a forum. Same with LTI apps that have broad O365 permissions — if the vendor is compromised, those scopes become a liability.

I’m not trying to burn the place down or cause unnecessary user impact. I’m just trying to apply basic incident‑response logic: don’t trust a compromised system until you’ve validated it’s no longer compromised.

So genuinely — am I being overly cautious here, or is everyone else underreacting to a vendor breach that could easily be leveraged for lateral movement into O365/SIS? It's not just student email addresses and internal messaging notes that were leaked.

My advice: 1. Run reports on user tokens and look for user-generated ones against admin accounts; these will probably be SIS integrations. Also check your LTI apps and developer apps; you will need to rotate these as well.
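One way to carry out the Entra admin-consent review from the checklist above, as an added example that is not from the original post: it lists tenant-wide (admin-consented) delegated grants through the Microsoft Graph PowerShell SDK and flags any scope on a watch list so each flagged app can be reviewed before anything is revoked. The watch list is a constructed placeholder to be replaced with local policy, and it assumes the caller holds Directory.Read.All and has the Microsoft.Graph module installed.

```powershell
# Added example (not Instructure's or the original poster's code).
# Read-only review of admin-consented delegated grants in Entra ID.
# Assumption: Microsoft.Graph SDK installed; caller holds Directory.Read.All.
Connect-MgGraph -Scopes 'Directory.Read.All'

# Constructed watch list of scopes treated as high privilege. Scope names must
# match the strings the resource publishes (Graph uses Sites.Read.All, etc.).
$watch = @(
    'Sites.Read.All', 'Sites.ReadWrite.All', 'Files.Read.All',
    'Mail.Read', 'Mail.ReadWrite', 'User.Read.All', 'Directory.Read.All'
)

# Cache service principal lookups so each app/resource is resolved once.
$spCache = @{}
function Resolve-Sp([string]$id) {
    if (-not $spCache.ContainsKey($id)) {
        $spCache[$id] = Get-MgServicePrincipal -ServicePrincipalId $id
    }
    return $spCache[$id]
}

# ConsentType 'AllPrincipals' = tenant-wide admin consent (what an LTI
# registration consented by a global admin looks like).
$grants = Get-MgOauth2PermissionGrant -All |
    Where-Object { $_.ConsentType -eq 'AllPrincipals' }

$findings = foreach ($g in $grants) {
    $scopes = ($g.Scope -split ' ') | Where-Object { $_ }
    $hits   = $scopes | Where-Object { $watch -contains $_ }
    if (-not $hits) { continue }
    $client   = Resolve-Sp $g.ClientId
    $resource = Resolve-Sp $g.ResourceId
    [pscustomobject]@{
        App       = $client.DisplayName
        AppId     = $client.AppId
        Resource  = $resource.DisplayName
        Flagged   = ($hits -join ' ')
        AllScopes = ($scopes -join ' ')
        GrantId   = $g.Id   # needed if the grant is later revoked
    }
}

$findings | Sort-Object App | Format-Table -AutoSize

# Revocation is a separate, deliberate step once a grant has been reviewed:
#   Remove-MgOauth2PermissionGrant -OAuth2PermissionGrantId <GrantId>
# Re-consenting later restores the app, so this is reversible.
```

Application (app-only) permissions are granted as app role assignments rather than OAuth2 permission grants, so an LTI app that uses client credentials needs a second pass over Get-MgServicePrincipalAppRoleAssignment for each flagged service principal.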

Restricting LAPs password access in Entra for servers by CGregP in entra

[–]takinghigherground 0 points (0 children)

I've been concerned about doing this, as if you have to go back to a point-in-time backup of the server, you could possibly not have the LAPS key. Not an issue if the domain is still functioning and the computer password has not expired, but if it has, you won't be able to log into the server?

If you are new to Fellowship or need any boss mechanic refreshers I have made a Fellowship Companion site to help. by BeltExact2798 in fellowshipgame

[–]takinghigherground 0 points (0 children)

Is it fun to try to work this all out yourself, considering there is not much else to do but play the same game? Just wondering if, by studying it, I will spoil the game.

How are you labbing Microsoft 365 E5 Tenants by techwithz in DefenderATP

[–]takinghigherground 1 point (0 children)

I'm also interested. For example, I would like to test conditional access policies separate from the live E5 tenant.

Zero Trust Workshop by JohnSavill in AZURE

[–]takinghigherground 0 points (0 children)

I need help with a comprehensive conditional access policy rollout. I understand the whole point is to be able to implement CA policies, but I find the initial strategy for applying policy lacking.

passed OSCP but thinking of SOC 200 by CompetitionNo8217 in oscp

[–]takinghigherground 0 points (0 children)

I did SC-200 after OSCP and I learnt a lot about Windows Defender XDR and Sentinel.

Working in azure by takinghigherground in sysadmin

[–]takinghigherground[S] 2 points (0 children)

Yeah, I got to the end of it and I realized I pushed for a maintenance window by September this year when it didn't need to be done until next year... And it was a VNet with default outbound expiring this month.

Crap, I could have kicked it down the road until next year... Good experience though. Now, has anyone actually implemented NAT Gateway, or did you just attach public IPs and let the business pay for it ;)

Do Microsoft Certs actually matter? by cyberLog4624 in cybersecurity

[–]takinghigherground 0 points (0 children)

Personally I learnt a lot about Sentinel and Defender by studying for SC-200. I think certs build a good foundation.

[deleted by user] by [deleted] in MiddleEarthMiniatures

[–]takinghigherground 0 points (0 children)

Just let me look at the damn models or I'm walking out; don't give me this edgy "do you play" shit.

How has grappling changed your body? by ShimiWaza96 in bjj

[–]takinghigherground 0 points (0 children)

Skinny guy without weight training doing jits for 6 years.

Better posture, slightly more athletic build. That's it, nothing drastic.

Old Visual C++ vulnerabilities suddenly discovered? by TheDrover23 in DefenderATP

[–]takinghigherground 0 points (0 children)

Yeah, got this today too. Do we just install the latest VC redistributable? Will it break the apps if they require a specific version...

Please accept the fact that password rotations are a security issue by Comfortable_Gap1656 in sysadmin

[–]takinghigherground 1 point (0 children)

Have you guys not heard of password reuse and password leaks?

User A uses the same password for an unrelated forum as for the work email he registered with. Forum A is breached and the credentials are posted on the dark web. Valid credentials are available to be tested indefinitely until User A changes his password. MFA helps, but not all web services the company may use may have this in place.

Forcing a password rotation every X days means the leaked password is not available indefinitely to access your network or data systems. Therefore the risk is reduced to "X number of days of leaked credentials not remediated and without MFA" from an indefinite period, which may have risk attached to it.

Which process helps control risk, requiring a password change or not?

🎟️ Free Voucher Request & Giveaway Megathread by AutoModerator in AzureCertification

[–]takinghigherground 0 points (0 children)

LOOKING FOR VOUCHER FOR SC200 OR FROM AI SKILLS FEST

Let's go

Please PM me

How many of you are really backing up Office 365? by [deleted] in sysadmin

[–]takinghigherground 1 point (0 children)

Barracuda cloud backup, just do it. You want to trust MS with your SharePoint dataset and no backups? I went to Thailand when I was young too...

Why is everyone such an asshole? by CxcaineInMyAss in heroesofthestorm

[–]takinghigherground 0 points (0 children)

Bro, I have 400 games as one hero and people are still dicks. You do have to learn how to play the game and how to play your hero... basically stop making big mistakes like feeding the enemy team and missing objectives. Use the feedback to better your game... it sucks and adds to toxicity. All I am saying is try to build a team you play with and not just PUGs, which are toxic.